WhatsApp introduces extra security for WhatsApp Web users. See how it works
Ever since the instant messaging application WhatsApp introduced multi-device capability, more users have increasingly used the WhatsApp directly through their web browser via WhatsApp. WhatsApp has now come out with a new extension for adding extra security to its web app so users can protect themselves against attacks. The extension is called Code Verify and its sole purpose is to ensure the web version of WhatsApp is secure enough and the end-to-end encryption has not been compromised, according to GSM Arena.
WhatsApp said that the web app is naturally less resilient against attacks. So the Code Verify ensures the same level of security as a native app on Windows, iOS or Android.
According to WABetaInfo, Code Verify is a new very important web browser extension that adds another layer of security for WhatsApp users. When the Code Verify is installed, it automatically detects if the code of the version of WhatsApp Web you’re using has been altered from a malicious entity, so if it is an authentic and untampered version.
“When Code Verify successfully verifies that you’re using an authentic version of WhatsApp Web, it means your version has not been modified by hackers, overreaching governments, or other malicious people and scripts. It is the best way to verify the integrity of your version of WhatsApp Web,” WABetaInfo shared.
Additionally, the extension doesn’t log metadata and user messages, and it doesn’t share any information with WhatsApp and Meta, “it is also open-sourced, so everyone can verify what it does,” it said.
So how does the ‘Code Verify’ work?
According to the official post from Meta, “Verify expands on the concept of subresource integrity, a security feature that lets web browsers verify that the resources they fetch haven’t been manipulated. Subresource integrity applies only to single files, but Code Verify checks the resources on the entire webpage.”
To do this at scale, and to enhance trust in the process, Code Verify partners with Cloudflare to act as a trusted third party. “We’ve given Cloudflare a cryptographic hash source of truth for WhatsApp Web’s JavaScript code. When someone uses Code Verify, the extension automatically compares the code that runs on WhatsApp Web against the version of the code verified by WhatsApp and published on Cloudflare. If there are any inconsistencies, Code Verify will notify the user,” it said.
While comparing hashes to detect files that have been tampered with is not new, Code Verify does so automatically, with the help of Cloudflare’s third-party verification, and at this scale for the first time. WhatsApp’s security protections, the Code Verify extension, and Cloudflare all work together to provide real-time code verification. Whenever the code for WhatsApp Web is updated, the cryptographic hash source of truth and extension will update automatically as well, it further added.
Never miss a story! Stay connected and informed with Mint.
Download
our App Now!!
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.